Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. The researchers believe it affects all VPN applications when they’re connected to a hostile network and that there are no ways to prevent such attacks except when the user's VPN runs on Linux or Android. They also said their attack technique may have been possible since 2002 and may already have been discovered and used in the wild since then.
Your VPN may not actually be functioning
#VPNs #ArsTechnica #Computers #Linux #TunnelVisionVulnerability #Android
Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers.Ars Technica
like this
David
in reply to Joseph Teller • • •GitHub - leviathansecurity/TunnelVision: A network technique that decloaks a VPN users traffic on a local network without disconnecting them from a VPN.
GitHub